There is an old saying, “don’t look a gift horse in the mouth”.
To those people who ask valid questions, offer constructive criticism (even if unfavourable) and more, I thank you sincerely. To the others, I have a rant to expound.
In writing, researching and publishing, this is something I have seen we need to learn as a profession in information security. Do not get me wrong, there are many professionals out there who actually take note of what they receive and are thankful for it.
That stated, there is a vocal minority in our field who need to learn this lesson and do us all a grand disservice in their petty bitching.
I have published a number of papers in the last few weeks and I do little to hide my email address, so, as would be expected, I have received comments. The majority of these have been favourable or at least constructive. There are around 10-15% of the vocal people in the industry who can learn a little about what they obtain for free.
It is not just me, I see this all the time.
I see people complaining that Facebook, a free service, has changed their look and owes them something. Grow up.
In my case, the “children” have come back with the following comments concerning a paper and research I did with a colleague:
- You only modelled system behaviour. Without looking at the browser it does not mean much.
Well, actually it does. Science has rules to experiments. You do not get good results that can be used to show a causal effect unless you create experiments that are designed for this. This means we have to control for all of the variables as much as is possible, barring those you are seeking to test.
- You have not reported on X (replace X with a number of things and outcomes). In collecting this data you should have also been able to report on types of attacks and more.
Yes, you are correct, there is a lot of work that can be done on a set of pcaps containing data about attacks. I plan to do this in time and I will also be offering some material for students to do research on. That stated, there are only so many hours in a day.
- You could have covered more and made this valuable if you extended the research into X.
OK, my bitch time. The experiment in this paper was not conducted under a grant. It was funded through a company I used to own. I could have used the money to go on a vacation, buy a better car and many other things. I used it for the purpose of my research.
In fact, I used to own two sports cars and a boat. I sold all of these in order to do some of these experiments. That was MY choice, I wanted the answers and I do not regret it one iota.
That stated, if you want to have me do more, fund me. If not, don't bitch about whether I have covered your pet project in my research. Remember this was MY research. I may be attached to a university, but this does not mean that I do not use my own funds when I choose to.
For all I hear people complain about them, I will thank Microsoft. The Microsoft Academic Alliance has allowed me to legally install and license hundreds of hosts in the experiments I have been doing.
Without this program, I would not have been able to have completed the tests.
- You did not test Linux/Mac/Android….
Again, did you pay for the research?
I have limited time and limited funds. I work 80 plus hours and I donate around 60 hours of it. To simply maintain my credentials, I have 25 exams a year right now. If you want more covered, you either fund me or my research (and this is a point for some people, my research) will focus where I want to have it focused.
I do commercial research and, more importantly, I work at a University where we will have lots of eager postgraduate students wanting to do applied research. You are not paying us, but in funding research you get to ask a question and frame it as you want and seek the answer in a format you want. If you want to have a specific topic investigated, pay for it to be researched.
I do many simple tests and experiments such as:
- Using checklists
- IDS and responding
- Software coding
- How users react to monitoring
- Type I errors in intrusion monitoring
And again: yes, I censor comments. I am the only person who gets to swear on my blog. It is after all MY blog and if you do not like that, too bad.
No, my CV is NOT up to date either. As I am not actually looking, I have not made an effort to maintain it.
To those people who offer support and even constructive criticism, I thank you sincerely.